<?php

/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */

function dt_get_purchases($user_id) {
    $user_id = mysql_real_escape_string($user_id);
    $query = "SELECT id, user_id, reference, value, timestamp FROM draw_together_spent_coin_references WHERE user_id = '$user_id'";
    //echo $query;
    return safe_select_query($query);
}

function dt_get_coins($user_id) {
    $user_id = mysql_real_escape_string($user_id);
    $query = "SELECT coins FROM draw_together_coins WHERE user_id = '$user_id'";
    //echo $query;
    $result = safe_select_query($query);
    //var_dump($result);
    if ($result && $result[0]) {
        return $result[0]->coins;
    }
    return -1;
}

function dt_update_coins($user_id, $offset) {
    $user_id = mysql_real_escape_string($user_id);
    $offset = mysql_real_escape_string($offset);
    //echo "($user_id, $offset)";
    if($user_id) {
        $timestamp = time();
        $coins = dt_get_coins($user_id);
        //echo "($timestamp, $coins)";
        if ($coins < 0) {
            $value = $offset;
            if ($value >= 0) {
                $query = "INSERT INTO draw_together_coins(user_id, coins, timestamp) 
                                VALUES('$user_id', '$value', '$timestamp')";
                //echo $query;
                return safe_insert_query($query);
            }
        } else {
            $value = $coins + $offset;
            if ($value >= 0) {
                $query = "UPDATE draw_together_coins 
                            SET coins = $value, timestamp = '$timestamp' 
                            WHERE user_id = '$user_id'";
                //echo $query;
                return safe_update_query($query);
            }
        }
        
    }
    
    return FALSE;
}
/*
 * id
 * user_id
 * value
 * reference
 * timestamp
 */

function dt_get_coin_reference_by_reference($reference) {
    $reference = mysql_real_escape_string($reference);
    if(!$reference) {
        return FALSE;
    }
    $query = "SELECT id, user_id, value, reference, timestamp 
                    FROM draw_together_coin_references
                    WHERE reference = '$reference'";
    $result = safe_select_query($query);
    if ($result && $result[0]) {
        return $result[0];
    }
    return FALSE;
}

function dt_log_reference($user_id, $value, $reference) {
    // To check ourselves
    // reference column is unique so if reference already there, will return false since no insertion
    $user_id = mysql_real_escape_string($user_id);
    $value = mysql_real_escape_string($value);
    $reference = mysql_real_escape_string($reference);
    $timestamp = time();
    if ($user_id && $value && $reference) {
        $query = "INSERT INTO draw_together_bad_coin_references(user_id, value, reference, timestamp)
                    VALUES('$user_id', '$value', '$reference', '$timestamp')";
        return safe_insert_query($query);
    }
    return FALSE;
}

function dt_log_spent_reference($user_id, $value, $reference) {
    // To check ourselves
    // reference column is unique so if reference already there, will return false since no insertion
    $user_id = mysql_real_escape_string($user_id);
    $value = mysql_real_escape_string($value);
    $reference = mysql_real_escape_string($reference);
    $timestamp = time();
    if ($user_id && $value && $reference) {
        $query = "INSERT INTO draw_together_bad_spent_coin_references(user_id, value, reference, timestamp)
                    VALUES('$user_id', '$value', '$reference', '$timestamp')";
        return safe_insert_query($query);
    }
    return FALSE;
}

function dt_add_reference($user_id, $value, $reference) {
    // To check ourselves
    // reference column is unique so if reference already there, will return false since no insertion
    $user_id = mysql_real_escape_string($user_id);
    $value = mysql_real_escape_string($value);
    $reference = mysql_real_escape_string($reference);
    $timestamp = time();
    if ($user_id && $value && $reference) {
        $query = "INSERT INTO draw_together_coin_references(user_id, value, reference, timestamp)
                    VALUES('$user_id', '$value', '$reference', '$timestamp')";
        return safe_insert_query($query);
    }
    return FALSE;
}

function dt_add_spent_reference($user_id, $value, $reference) {
    // To check ourselves
    // reference column is unique so if reference already there, will return false since no insertion
    $user_id = mysql_real_escape_string($user_id);
    $value = mysql_real_escape_string($value);
    $reference = mysql_real_escape_string($reference);
    $timestamp = time();
    if ($user_id && $value >= 0 && $reference) {
        $query = "INSERT INTO draw_together_spent_coin_references(user_id, value, reference, timestamp)
                    VALUES('$user_id', '$value', '$reference', '$timestamp')";
        //echo $query;
        return safe_insert_query($query);
    }
    return FALSE;
}


function dt_delete_reference($user_id, $value, $reference) {
    // remove reference on fail transaction
    // should we log bad transaction
    $user_id = mysql_real_escape_string($user_id);
    $value = mysql_real_escape_string($value);
    $reference = mysql_real_escape_string($reference);
    $timestamp = time();
    if ($user_id && $value >= 0 && $reference) {
        $query = "DELETE FROM draw_together_coin_references
                    WHERE reference = '$reference'";
        return safe_delete_query($query);
    }
    return FALSE;
}

function dt_delete_spent_reference($user_id, $value, $reference) {
    // remove reference on fail transaction
    // should we log bad transaction
    $user_id = mysql_real_escape_string($user_id);
    $value = mysql_real_escape_string($value);
    $reference = mysql_real_escape_string($reference);
    $timestamp = time();
    if ($user_id && $value >= 0 && $reference) {
        $query = "DELETE FROM draw_together_spent_coin_references
                    WHERE reference = '$reference'";
        return safe_delete_query($query);
    }
    return FALSE;
}


function dt_check_reference($user_id, $value, $reference) {
    // To check with Apple
    $user_id = mysql_real_escape_string($user_id);
    $value = mysql_real_escape_string($value);
    $reference = mysql_real_escape_string($reference);
    if ($user_id && $value >= 0 && $reference) {
        //$result = dt_get_coin_reference_by_reference($reference);
        //if (!$result) {
        //    return dt_add_reference($user_id, $value, $reference);
        //}
        
        return TRUE;
    }
    return FALSE;
}

function dt_add_coins($user_id, $value, $reference) {
    $user_id = mysql_real_escape_string($user_id);
    $value = mysql_real_escape_string($value);
    $reference = mysql_real_escape_string($reference);
    if ($user_id && $value > 0 && $reference) {
        if (dt_add_reference($user_id, $value, $reference)) {
            // added reference
            if(dt_check_reference($user_id, $value, $reference)) {
                // validated reference
                if(dt_update_coins($user_id, $value)) {
                    // no need to remove reference
                    return TRUE;
                } else {
                    // rollback so reference can be used again
                    dt_delete_reference($user_id, $value, $reference);
                }
            } else {
                // rollback
                dt_delete_reference($user_id, $value, $reference);
                dt_log_reference($user_id, $value, $reference);
            }
        } else {
            dt_log_reference($user_id, $value, $reference);
        }
    }
    return FALSE;
}

function dt_use_coins($user_id, $value, $reference) {
    $user_id = mysql_real_escape_string($user_id);
    $value = mysql_real_escape_string($value);
    $reference = mysql_real_escape_string($reference);
    if ($user_id && $value >= 0 && $reference) {
        if (dt_add_spent_reference($user_id, $value, $reference)) {
            // added reference
            // minus the number
            //echo 1;
            if(dt_update_coins($user_id, -$value)) {
                // no need to remove reference
                return TRUE;
            } else {
                //echo 2;
                // rollback so reference can be used again
                dt_delete_spent_reference($user_id, $value, $reference);
            }
        } else {
            //echo 3;
            dt_log_spent_reference($user_id, $value, $reference);
        }
    }
    return FALSE;
}

function dt_coins_balance($user_id) {
    $user_id = mysql_real_escape_string($user_id);
    return TRUE;
}

function dt_update_coin_token($user_id, $token) {
    $user_id = mysql_real_escape_string($user_id);
    $token = mysql_real_escape_string($token);
    $query = "INSERT INTO draw_together_coin_tokens(user_id, token) VALUES('$user_id', '$token')
                ON DUPLICATE KEY UPDATE token = '$token'";
    //echo $query;
    return safe_update_query($query);
}

function dt_log_coin_token($user_id, $token) {
    $user_id = mysql_real_escape_string($user_id);
    $token = mysql_real_escape_string($token);
    $query = "INSERT INTO draw_together_bad_coin_tokens(user_id, token) VALUES('$user_id', '$token')";
    return safe_update_query($query);
}

function dt_get_coin_token($user_id) {
    $user_id = mysql_real_escape_string($user_id);
    $query = "SELECT id, user_id, token FROM draw_together_coin_tokens WHERE user_id = '$user_id'";
    $result = safe_select_query($query);
    return $result[0];
}

function dt_check_coin_token($user_id, $token) {
    $user_id = mysql_real_escape_string($user_id);
    $token = mysql_real_escape_string($token);
    //echo "($user_id, $token)";
    if (!$user_id || !$token || !is_numeric($token))
        return FALSE;
    $user = dt_get_user_by_user_id($user_id);
    // Check user_id existence.
    if (!$user) {
        return FALSE;
    }
    //var_dump($user);
    $db_token = dt_get_coin_token($user_id);
    if($db_token && $db_token->token) {
        // 13 IS A MAGIC NUMBER
        if($token == $db_token->token + 13) {
            dt_update_coin_token($user_id, $token + 1);
            return TRUE;
        } else {
            // A replay attack
            dt_log_coin_token($user_id, $token);
            return FALSE;
        }
    } else {
        dt_update_coin_token($user_id, $token + 1);
        return TRUE;
    }
    return FALSE;
}

function dt_pro_coins($user_id) {
    $user_id = mysql_real_escape_string($user_id);
    $reference = "com.greengar.drawtogether.pro";
    if(dt_use_coins($user_id, 0, $reference)) {
        return dt_add_coins($user_id, 300, $reference);
    }
    return FALSE;
}

function dt_lite_coins($user_id) {
    $user_id = mysql_real_escape_string($user_id);
    $reference = "com.greengar.drawtogether.lite";
    if(dt_use_coins($user_id, 0, $reference)) {
        return dt_add_coins($user_id, 0, $reference);
    }
    return FALSE;
}

function dt_export_coins($user_id) {
    $timestamp = time();
    $user_id = mysql_real_escape_string($user_id);
    
    $db_token = dt_get_coin_token($user_id);
    
    if($db_token && $db_token->token) {
        $timestamp = $db_token->token;
    }
    
    $coins = dt_get_coins($user_id);
    if ($coins < 0) {
        $coins = 0;
    }
    
    return array(
        'coins' => $coins,
        'timestamp' => $timestamp        
    );
}

?>
